I have a site that uses SMTP to send outgoing messages, but I'm having trouble integrating this with our exchange server.
I have an external company which hosts our exchange server, so when I setup our web site I set in the web hosts MX record to point to our exchange server. Now all emails that go to our domain get shuffled along to our exchange server, which works well.
The problem is that when I set my webhost to use the custom MX record, it switches off all email services they provide, which includes SMTP email. Now that I am setting up some forms which will use SMTP, it seems like I can't send outgoing mail.
So, with this kind of setup in mind, would it be crazy to assume that if I tell the SMTP server to send using localhost, it would look at the MX record and find the exchange server and use that to send the email? Or should I still be pointing it somewhere specific?
This might sound like I'm asking a question specific to the webhost, but I'm wondering more about the general idea of how a setup like this normally works.
Thoughts?
Generally you just point your SMTP component to the actual DNS name / IP Address of the Exchange server. You don't need to set up an MX record.
Additionally, you need to enable relaying on your exchange server for the server running your site.
Related
Current Setup
I use Google Apps for personal / non-transactional emails. MX records for my domain point to google.
I have a dedicated IP for my LAMP server, and the SMTP port is available. I use cPanel to manage the server. I have created an email account through cPanel.
Goal
I want to use my host's native SMTP for sending transactional emails. I cannot use Google Apps SMTP because of per-day limit. These transactional emails need neither be saved in sent items nor replies to such emails be monitored.
Problem Area
I am not able to send transactional mails using host's native SMTP (not able to set this up, so no errors yet!)
Q1. Is the goal (using both host's native SMTP and Google Apps)
achievable? Looking at this and this, I believe it should be.
Q2. If yes, how should I setup in my cPanel? Please let me know if more [relevant] information about server setup is required to answer this.
Q1: Yes.
Q2: Same as if you were setting it up without Google Apps. Sending mail does not require any special setup. If you are still having difficulty, you need to check with your provider or ask the question of a cpanel expert -- the problem is unrelated to Google Apps.
What you didn't ask but need to know:
Cannot deliver email to Google Apps address; Gmail receives the same email fine
Why can't my server send outgoing email?
I want to host my own mailserver using my own domain. So far I can see that SMTP needs to be installed and the DNS record has to be modified to point to my mailserver. So far so good. But what about mailaccounts? How do I create mail#mydomain.com with username and password so I can start receiving emails in outlook?
What more does it take to be able to receive mails in outlook now that im done with installing SMTP on my server?
Installing just the smtp service isn't going to get you what you need. In order for users to get their mail you'd need a pop server, or an IMAP server or and exchange server.
What you need is a seperate mail hosting package. Something like Imail from Ipswitch. Or exchange from Microsoft.
SMTP is simply a mail transfer mechanism, it will receive emails for remote SMTP servers and then try an deliver them. It does not handle mailboxes or email accounts, for this you will need a POP3, IMAP or Exchange server.
I am working on a site that will be using HTML5 sockets to communicate with other server. At that time our users will be logged in , I can't code on other server . I am using PHP at server side. I don't know whether other server has even PHP or not. Client says PKI is a solution. So if user login on our server then I start their communication with HTML5 sockets towards other server to send and receive data. So how can other server authenticate them? I also think that I can have a userkey (like 32hash format) that is sent with HTML5 socket while communication that other server validate and then start working with that user. So client says that hacker can see data over network so I think SSL can work for it. What you guys suggest in such scenario? Please advise
More details:
There will be connection made between our users and another server using apache thrift(will be using TCP), and scenario is that user will login to our site, then we will connect them via HTML5socket to apache thrift on different domain, so in HTML5socket communication we will be forwarding userid to tell thrift server that which user is this, so it is fine. But there are two problems,
As HTML5sockets are at client side then a hacker can create his/her own socket and connect to that server in same way and use some one's id as these are just simple integers.
If we will append some thing in data then a hacker sitting on the network can get it like some hackers do this for session hijacking.
So that's why I am not sure that whether using a sort of SSL or TLS will solve the problem or some PKI or some other digital certificate. So that's why I am asking that here.
thanks
SSL cannot solve this problem. SSL is about creating a secure link between the client and server, it does absolutely nothing to protect the server from a malicious client. SSL cannot solve the problem of SQL Injection or in your case Insecure Direct Object Reference relating to the user id. Judging by this SSL suggestion you probably have never heard of TamperData, which allows you to read/intercept and modify all HTTPS traffic generated by your browser (Including components like flash and JavaScript), BURP is more advanced but does the same thing.
The right way to do this is to have a shared session store that your collection of servers can access. The client is issued a very large random number or cryptographic nonce that it uses as a verification token, which is kind of like a session id. This verification token is used to look up session state in the data store. The communal session store could be as simple as a PHP page that accepts the verification token as a parameter and tells you if its linked to a valid session.
Having 3rd parties issue a callback to verify the session is really the "right way" to do this. It is possible to do this with cryptography, although it is a misuse of cryptography because it introduces the possibility of an attack, where as a callback is absolute. The PHP server can issue the JavaScript client an HMAC token consisting of the user id, a timestamp and the message authentication code. The tricky part is that both the PHP server and any 3rd party will have to share a secret in order to verify the message authentication code. If done properly you can transmit the client can transmit the token, and 3rd parties can verify that the session hasn't expired based on the timestamp and that your servers issued the token (instead of a hacker's forgery) based on the message authentication code.
I was wondering if anyone might be able to explain to me why it's taking nearly 30 seconds each time my Java web app sends an email using Gmail's SMTP server? See the following timestamps:
13/04/2010-22:24:27:281 DEBUG test.service.impl.SynchronousEmailService - Before sending mail.
13/04/2010-22:24:52:625 DEBUG test.service.impl.SynchronousEmailService - After sending mail.
I'm using spring's JavaMailSender class with the following settings:
email.host=smtp.gmail.com
email.username=myaccount#gmail.com
email.password=mypassword
email.port=465
mail.smtp.auth.required=true
Note that the mail is getting sent and I'm receiving it fine, there's just this delay which is resulting in a slow experience for the application user.
If you know how I can diagnose the problem myself that would be good too :)
It might be that gmail uses this delay to prevent spammers from using their SMTP server from the "outside": if the SMTP is called from the actual webmail client it would not use this delay.
In order to test this, you could open a telnet session to port 25 and do a manual SMTP session
(Search the web for SMTP HELO for examples)
GMail uses SSL for connection. To validate SSL certificate properly certain time is needed. Exact time depends on complexity of the certificate chain and use and accessibility of CRLs and OCSP checking. It's very likely that Java checks OCSPs for the certificate(s) presented, and this can be slow.
Try running your application on different system (preferably in other subnet) to exclude influence of firewalls. Maybe some part of communication (either SMTP itself, or CRL retrieval or OCSP checking) is slowed down by the firewall.
Depending on your OS, you should have a proper mail system that takes care of actually sending mails outside your network.
For instance, Postfix can do the job nicely. The configuration of Postfix would be on another thread, but typically Postfix would accept mails from your LAN (accepting to be a relay for your LAN) and would transfer the mails to gmail.
This is a exemple as to how setup postfix to have gmail as relay.
Having a mail service taking care of the relay of Gmail mails allows your Java application to be freed almost instantly (Postfix absorbs the mail, store it in its queue and forward it to Gmail itself).
My site is hosted at Mediatemple but the IP address mail is being sent from is blacklisted so Hotmail messages are not delivered. Therefor I would like to use another SMTP server. Does anyone have suggestions?
Contact your hosting provider and complain. Often with web hosting, a company will put 100 domains on 1 IP address (not unusual). If that IP address gets on spamhaus.org blacklist then you're stuck.
Complain. Get them to give you your own IP address.
Not programming related. But use your ISP's smtp server
indeed complain because if you run a legal bisnuis (witch i gues you are) you have the right to send mail from you hosting trought php (or other forms)